802.1x What it is, How it’s broken, and How to fix it.


Slide 1: 802.1x. What it is, how it's broken, and how to fix it.
- Bruce Potter, The Shmoo Group
- Practitioner, not researcher
- Talk will focus on the operational impact of 802.1x, not the low-level technical breakdown.

Slide 2:
- Drive 12 miles to work in Northern VA, much of it through undeveloped land.
- In Sept, there were 12 APs. In May there were 50.

Slide 5: 802.11, b, etc.
- 802.11: IEEE standard, based on well-known Ethernet standards. FHSS or DSSS, WEP, 2.4 GHz, Infrastructure (BSS) or Ad-Hoc (IBSS). Limited to 2 Mb/s due to FCC limits on dwell times per frequency hop.
- 802.11b: DSSS only, WEP, 2.4 GHz, Infrastructure or Ad-Hoc. Up to 11 Mb/s. Also known as Wi-Fi.
- 802.11a and g

Slide 6: An Association
- Associations are a basic part of 802.11
- Client requests authentication
- AP responds with auth type (Open/WEP)
- Authentication is performed
- If successful, then Association is requested and granted
- SSID is sent in the clear, so not advertising the SSID is NOT a valid security mechanism
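To make the last point concrete, here is an added example (not from the talk) that builds two constructed 802.11 management frames and parses the SSID element back out of them. Even when a network hides its SSID from beacons (zero-length SSID element), the client's own association request still carries the name in cleartext, which is why SSID hiding is not a control. The addresses, SSID and capability values are constructed for the demonstration.

```python
import struct

# 802.11 frame control (low byte): bits 2-3 = type, bits 4-7 = subtype
TYPE_MGMT = 0
SUBTYPE_ASSOC_REQ, SUBTYPE_PROBE_REQ, SUBTYPE_BEACON = 0, 4, 8
IE_SSID = 0                     # information element tag for the SSID
BROADCAST = b"\xff" * 6

# constructed addresses for the demonstration
BSSID = bytes.fromhex("020000000001")
CLIENT = bytes.fromhex("020000000002")


def mgmt_header(subtype, addr1, addr2, addr3, seq=0):
    """24-byte management header: FC, duration, addr1, addr2, addr3, sequence control."""
    fc = (TYPE_MGMT << 2) | (subtype << 4)
    return struct.pack("<HH6s6s6sH", fc, 0, addr1, addr2, addr3, seq << 4)


def ie(tag, value):
    """Tag-length-value information element."""
    return bytes([tag, len(value)]) + value


def beacon(bssid, ssid, hidden=False):
    """Beacon body: timestamp(8) interval(2) capability(2) then IEs.
    A 'hidden' network sends a zero-length SSID element here."""
    name = b"" if hidden else ssid.encode()
    body = struct.pack("<QHH", 0, 100, 0x0001) + ie(IE_SSID, name)
    return mgmt_header(SUBTYPE_BEACON, BROADCAST, bssid, bssid) + body


def assoc_request(client, bssid, ssid):
    """Association request body: capability(2) listen interval(2) then IEs.
    The client always names the network it wants, in the clear."""
    body = struct.pack("<HH", 0x0001, 10) + ie(IE_SSID, ssid.encode())
    return mgmt_header(SUBTYPE_ASSOC_REQ, bssid, client, bssid) + body


def parse_ies(blob):
    """Walk the tag/length/value list at the end of a management frame body."""
    ies, i = {}, 0
    while i + 2 <= len(blob):
        tag, length = blob[i], blob[i + 1]
        ies[tag] = blob[i + 2:i + 2 + length]
        i += 2 + length
    return ies


def ssid_from_frame(frame):
    """Pull the SSID out of a management frame, or None if it carries none."""
    fc = struct.unpack_from("<H", frame)[0]
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if ftype != TYPE_MGMT:
        return None
    body = frame[24:]
    if subtype == SUBTYPE_BEACON:
        ies = parse_ies(body[12:])      # skip timestamp, interval, capability
    elif subtype == SUBTYPE_ASSOC_REQ:
        ies = parse_ies(body[4:])       # skip capability, listen interval
    elif subtype == SUBTYPE_PROBE_REQ:
        ies = parse_ies(body)           # probe request body is IEs only
    else:
        return None
    name = ies.get(IE_SSID)
    return name.decode(errors="replace") if name else None


if __name__ == "__main__":
    print("beacon, hidden :", ssid_from_frame(beacon(BSSID, "corp-wifi", hidden=True)))
    print("assoc request  :", ssid_from_frame(assoc_request(CLIENT, BSSID, "corp-wifi")))
```

The hidden beacon yields no name, while the association request for the same network yields it in full; any station in range can read it, since management frames carry no encryption or authentication.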

Slide 7: General Principles. Deal with the basics
- Integrity: protecting your packets from modification by other parties
- Confidentiality: keeping eavesdroppers within range from gaining useful information
- Keeping unauthorized users off the network: free Internet! Risks to both the internal and external network
- Availability: low-level DoS is hard to prevent
- Like any other environment, there are no silver bullets

Slide 9: WEP In a Nutshell
- 40 bits of security == 64 bits of marketing spam.
- Not just encryption, also rudimentary authentication of APs and clients.

Slide 10: Thoughts on WEP
- Key management beyond a handful of people is impossible
- Too much trust
- Difficult administration
- Key lifetime can get very short in an enterprise
- No authentication for management frames
- No per-packet auth
- False advertising!!!
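The "40 bits of security == 64 bits of marketing" line on slide 9 comes from how WEP builds its per-frame RC4 key: a 24-bit IV that travels in the clear in front of the frame, followed by the 40-bit shared secret. The following added example (not code from the talk) shows that construction with a small RC4 implementation, and adds a defender-side check that flags IV reuse in a capture, since a repeated IV from the same station means the same RC4 key and therefore the same keystream. The key-id byte and the CRC-32 ICV are omitted, and the secret key, IV and plaintexts are constructed.

```python
WEP40_SECRET_BITS = 40   # what the secret key actually is
IV_BITS = 24             # sent in the clear in front of every frame
MARKETED_BITS = WEP40_SECRET_BITS + IV_BITS   # the "64-bit WEP" on the box


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (KSA + PRGA); WEP uses it with key = IV || secret."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP-40 style framing: cleartext IV followed by RC4(IV || secret) XOR plaintext.
    Key-id byte and CRC-32 ICV are left out to keep the example short."""
    if len(secret) * 8 != WEP40_SECRET_BITS or len(iv) * 8 != IV_BITS:
        raise ValueError("WEP-40 needs a 5-byte secret and a 3-byte IV")
    keystream = rc4_keystream(iv + secret, len(plaintext))
    return iv + xor_bytes(plaintext, keystream)


def find_iv_reuse(frames):
    """Defender-side check over captured (transmitter, frame) pairs: return index pairs
    where the same station reused an IV, i.e. reused an RC4 key and keystream."""
    first_seen = {}
    reused = []
    for idx, (tx, frame) in enumerate(frames):
        iv = frame[:IV_BITS // 8]          # IV is cleartext, so a monitor can read it
        if (tx, iv) in first_seen:
            reused.append((first_seen[(tx, iv)], idx))
        else:
            first_seen[(tx, iv)] = idx
    return reused


def keystream_reuse_demo():
    """Two frames under the same IV: XOR of the ciphertexts equals XOR of the plaintexts,
    which is exactly why 'no per-packet key' matters. Returns (property_holds, reuse_report)."""
    secret = bytes.fromhex("0123456789")            # constructed 40-bit key
    iv = b"\x00\x00\x01"
    p1, p2 = b"frame number one", b"frame number two"
    c1 = wep_encrypt(secret, iv, p1)
    c2 = wep_encrypt(secret, iv, p2)
    holds = xor_bytes(c1[3:], c2[3:]) == xor_bytes(p1, p2)
    return holds, find_iv_reuse([("ap", c1), ("ap", c2)])


if __name__ == "__main__":
    print("marketed bits:", MARKETED_BITS, "secret bits:", WEP40_SECRET_BITS)
    print("keystream reuse observed, reuse report:", keystream_reuse_demo())
```

With only 2^24 IVs and no rule in the standard for choosing them, a busy network cycles through the IV space quickly, so `find_iv_reuse` run over a capture is a quick way to show management that the "64-bit" key is being reused in practice.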

Slide 11: What is Lacking?
- Scalability: many clients, large networks
- Protection for all parties
- Eliminate invalid trust assumptions

Slide 16: EAP (Extensible Authentication Protocol)
- Originally designed for PPP
- Shoehorned into 802.1x
- Switch/access point is a pass-through for EAP traffic. New authentication mechanisms do not require infrastructure upgrades
- LEAP: Cisco's Lightweight EAP. Password based and (relatively) widely available
- De facto mechanism between AS and AServ is RADIUS

Slide 18: EAP Methods
- EAP-TLS: uses certs! If implemented properly, solves many problems
- TTLS: Tunneled TLS. Allows encapsulation of other auth mechanisms. "Machine" auth'd by TLS, person by the tunneled protocol
- PEAP: IETF draft. Like TTLS but with another EAP method encapsulated
- TLS/TTLS and others require certs. We all have a PKI set up, right? And use it properly and regularly?
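Slides 16 and 18 together describe the pass-through model: the switch or AP reads only the EAPOL and EAP headers and relays the method data untouched, so adding a method such as PEAP needs no change on the authenticator. The added example below (not from the talk or any vendor) encodes EAPOL and EAP headers as specified in 802.1X and RFC 3748, with the real IANA type numbers for the methods the slides mention, and runs a toy exchange through an authenticator that never inspects method data. The `toy_auth_server` and the identity string are constructed stand-ins; a real server sits behind RADIUS.

```python
import struct

# EAPOL (802.1X) packet types and EAP (RFC 3748) codes
EAPOL_EAP_PACKET, EAPOL_START, EAPOL_LOGOFF = 0, 1, 2
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
# EAP method types mentioned on the slides (IANA-assigned numbers)
EAP_TYPE_IDENTITY, EAP_TYPE_NAK = 1, 3
EAP_TYPE_TLS, EAP_TYPE_LEAP, EAP_TYPE_TTLS, EAP_TYPE_PEAP = 13, 17, 21, 25


def eap_packet(code, ident, eap_type=None, data=b""):
    """EAP header: Code(1) Identifier(1) Length(2, whole packet), then Type + Type-Data."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def eapol_frame(ptype, body=b""):
    """EAPOL header: Version(1) Type(1) Body-Length(2)."""
    return struct.pack("!BBH", 1, ptype, len(body)) + body


def parse_eapol(frame):
    _ver, ptype, length = struct.unpack_from("!BBH", frame)
    return ptype, frame[4:4 + length]


def parse_eap(pkt):
    """Return (code, identifier, type_or_None, type_data). Validates only the header."""
    code, ident, length = struct.unpack_from("!BBH", pkt)
    if length < 4 or length > len(pkt):
        raise ValueError("bad EAP length")
    payload = pkt[4:length]
    if code in (EAP_REQUEST, EAP_RESPONSE):
        if not payload:
            raise ValueError("Request/Response must carry a Type")
        return code, ident, payload[0], payload[1:]
    return code, ident, None, b""          # Success/Failure carry no type


class PassThroughAuthenticator:
    """Switch or AP: reads the EAPOL and EAP headers, never the method data.
    The auth server is modelled as a callable; in deployments it sits behind RADIUS."""

    def __init__(self, server):
        self.server = server
        self.seen_types = []   # recorded only to show what passed through untouched

    def handle(self, frame):
        ptype, body = parse_eapol(frame)
        if ptype == EAPOL_START:
            # Open the conversation with an Identity request, identifier 1
            return eapol_frame(EAPOL_EAP_PACKET, eap_packet(EAP_REQUEST, 1, EAP_TYPE_IDENTITY))
        if ptype != EAPOL_EAP_PACKET:
            return None
        code, _ident, etype, _data = parse_eap(body)
        if code != EAP_RESPONSE:
            return None                    # supplicants only ever send Responses
        self.seen_types.append(etype)
        return eapol_frame(EAPOL_EAP_PACKET, self.server(body))   # body forwarded opaquely


def toy_auth_server(eap_response):
    """Constructed stand-in: proposes PEAP after Identity, declares success after one PEAP leg."""
    _code, ident, etype, _data = parse_eap(eap_response)
    if etype == EAP_TYPE_IDENTITY:
        return eap_packet(EAP_REQUEST, ident + 1, EAP_TYPE_PEAP, b"\x20")  # 0x20 = PEAP Start flag
    if etype == EAP_TYPE_PEAP:
        return eap_packet(EAP_SUCCESS, ident)
    return eap_packet(EAP_FAILURE, ident)


def run_exchange(authenticator):
    """Drive a supplicant through Start -> Identity -> PEAP; return the EAP codes it received."""
    received = []
    reply = authenticator.handle(eapol_frame(EAPOL_START))
    while reply is not None:
        code, ident, etype, _ = parse_eap(parse_eapol(reply)[1])
        received.append(code)
        if code != EAP_REQUEST:
            break
        if etype == EAP_TYPE_IDENTITY:
            resp = eap_packet(EAP_RESPONSE, ident, EAP_TYPE_IDENTITY, b"alice@example.test")
        else:
            resp = eap_packet(EAP_RESPONSE, ident, etype, b"\x00")  # method data is opaque here
        reply = authenticator.handle(eapol_frame(EAPOL_EAP_PACKET, resp))
    return received


if __name__ == "__main__":
    auth = PassThroughAuthenticator(toy_auth_server)
    print("codes seen by supplicant:", run_exchange(auth))
    print("types relayed by authenticator:", auth.seen_types)
```

Note that the authenticator class never mentions type 25: swapping PEAP for TTLS or EAP-TLS changes only the server and supplicant, which is the extensibility the slide praises and, as later slides argue, also the source of the complexity.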

Slide 20: What's Right
- In a controlled environment, risks can be mitigated by higher-level protocols: VPN/SSL/SSH
- NOTE: exchange of WEP key material is not part of the 802.1x specification
- Remember: designed for wired campus networks

Slide 21: What's Right
- Association happens BEFORE the 802.1x transaction.
- Good: if the 802.1x session is protected by a default WEP key then the attacker must first compromise the WEP key to make use of 802.1x vulns
- Bad: key management anyone? Just how does the default key get there?

Slide 22: What's Wrong
- www.missl.cs.umd.edu/wireless/1x.pdf
- First open source supplicant
- First holes in 802.1x
- One-way authentication: less of a concern in a LAN environment
- Traffic interception
- Session hijacking

Slide 23: What's Wrong – Technical
- One-way authentication: the gateway authenticates the client; the client has no explicit means to authenticate the gateway
- Rogue gateways put the client at risk
- Remember: the loudest access point wins
- Still no authentication of management frames (assoc/disassoc/beacons/etc.)
- Some EAP methods provide mutual authentication... but it's not a requirement.

Slide 24: What's Wrong – Technical
- MITM: send "Authentication Successful" to the client; client associates with the malicious AP
- Hijacking: send a disassociation message to the client... the AP is in the dark. Change MAC to the client's and have a live connection
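The MITM bullet above and the "mutual authentication is not a requirement" bullet on slide 23 describe the same gap: an EAP-Success is a four-byte message with no authentication of its own, so a supplicant that treats it as final will accept one from anybody. The added example below (not from the talk) models two supplicant state machines against the same message sequences: the naive one the slide describes, and a hardened one that only honours EAP-Success after a TLS-based method has authenticated the server against a trusted certificate. Messages are a simplified dataclass rather than wire format, and the server names are constructed.

```python
from dataclasses import dataclass


@dataclass
class EapMsg:
    """Simplified EAP message as the supplicant sees it (constructed model, not wire format)."""
    code: str              # "request", "success" or "failure"
    method: str = ""       # "identity", "tls", "ttls", "peap", "leap", ...
    server_cert: str = ""  # identity the server proved inside a TLS-based method


MUTUAL_AUTH_METHODS = {"tls", "ttls", "peap"}   # TLS-based methods named on the slides


class NaiveSupplicant:
    """The behaviour the slide describes: any EAP-Success flips the port to authenticated."""

    def __init__(self):
        self.state = "connecting"

    def receive(self, msg):
        if msg.code == "success":
            self.state = "authenticated"
        elif msg.code == "failure":
            self.state = "held"
        return self.state


class MutualAuthSupplicant:
    """Accepts EAP-Success only after a mutual-authentication method verified the server.
    Anything else is written to `alerts` and ignored, which is also useful log material."""

    def __init__(self, trusted_servers):
        self.state = "connecting"
        self.trusted = set(trusted_servers)
        self.server_verified = False
        self.alerts = []

    def receive(self, msg):
        if msg.code == "request":
            if msg.method == "identity":
                pass                                   # harmless, would be answered
            elif msg.method not in MUTUAL_AUTH_METHODS:
                self.alerts.append(f"refused one-way method {msg.method}")  # would send a Nak
            elif msg.server_cert in self.trusted:
                self.server_verified = True            # TLS handshake authenticated the server
            else:
                self.alerts.append(f"untrusted server cert {msg.server_cert!r}")
                self.state = "held"
        elif msg.code == "success":
            if self.server_verified:
                self.state = "authenticated"
            else:
                self.alerts.append("EAP-Success before server was authenticated: ignored")
        elif msg.code == "failure":
            self.state = "held"
        return self.state


def unsolicited_success(supplicant):
    """Sequence from the slide: an Identity request, then an immediate 'Authentication Successful'."""
    supplicant.receive(EapMsg("request", "identity"))
    return supplicant.receive(EapMsg("success"))


def legitimate_peap(supplicant, server="radius.corp.example"):
    """Identity, a PEAP round in which the server presents its certificate, then Success."""
    supplicant.receive(EapMsg("request", "identity"))
    supplicant.receive(EapMsg("request", "peap", server_cert=server))
    return supplicant.receive(EapMsg("success"))


if __name__ == "__main__":
    print("naive, unsolicited success    :", unsolicited_success(NaiveSupplicant()))
    hardened = MutualAuthSupplicant(["radius.corp.example"])
    print("hardened, unsolicited success :", unsolicited_success(hardened), hardened.alerts)
    print("hardened, legitimate PEAP     :", legitimate_peap(MutualAuthSupplicant(["radius.corp.example"])))
```

The hardened machine embodies the fix the slides point at: make mutual authentication a policy requirement on the client, pin the set of server certificates it will accept, and log every Success that arrives without it, since those are exactly the frames a rogue gateway would send.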

Slide 26: What's Wrong – touchy feely
- They forgot about the client (trust assumptions)
- Everyone is at risk
- Everyone is a threat
- Lack of physical security requires an encrypted channel to secure 802.1x
- Wired "port" is not the same as wireless "port"
- Protocol designed to not require hardware replacement. Leads to a less than stellar solution, esp. WRT authentication of management frames.

Slide 27: What's Wrong – touchy feely
- Extensibility leads to complexity
- Complexity leads to mistakes in implementation. Read the MS guide on creating EAP methods as an example.
- Multivendor support is difficult
- Using a shoehorn to force protocols to work together leads to problems

Slide 28: Why Did it Go Wrong?
- 802.1x: designed for campus networks
- EAP: designed for PPP
- NEITHER designed with the wireless threat model in mind
- Lesson: don't apply old protocols to new problems without understanding the risk.